ID: 14082 Updated by: derick Reported By: [EMAIL PROTECTED] Old Status: Open Status: Closed Bug Type: Variables related Operating System: i686-pc-linux-gnu PHP Version: 4.0CVS-2001-11-16 New Comment:
Fixed in CVS Derick Previous Comments: ------------------------------------------------------------------------ [2001-11-16 08:20:28] [EMAIL PROTECTED] Hi, i have detect two annoyingly bugs ;-) with serialize/unserialize. The first bug indicate that unserialize can't work with negative integer numbers. The second problem brings php to crash! Unserialize crash if you manipulate the count of expecting array vars. Bug 1: <?php // Results: 'Warning: unserialize() failed at offset 13 of 39 bytes' // and an empty result string, but not false // because $foo['a'] is -1 error_reporting(2047); $foo['a']=(int)-1; $foo['b']=(string)'Paris'; $bar=serialize($foo); if ($bar!=false){ echo $bar; $nop=unserialize($bar); print_r($nop); } ?> --------------- Bug 2: <?php // Result: PHP crash, because the array number is smaller than serialized string error_reporting(2047); $ser_string='a:1:{s:1:"a";i:1000;s:1:"b";s:5:"Paris";}'; // ^- actually 2 $unser_string=unserialize($ser_string); ?> I have tried to make a bt, but gdb notify no fault. In debug mode some of my script warns with this: "Warning: String is not zero-terminated (source: ./zend_execute.c:449)" but i think that is another problem. ------------------------------------------------------------------------ Edit this bug report at http://bugs.php.net/?id=14082&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]